Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Unable to route between VLANs

Hello,

I'm running into an issue setting up VLANs with a stack of 3750Xs.

Our setup consists of a Cisco 2821 Router -> Cisco ASA 5510 -> Bridged Web Filter -> 3750X stack -> Which goes out to Cisco 3750G Egde Switches.

We currently have a flat 10.1.0.0/16 Network and would like to break it up into multiple VLANS:

Management VLAN - 10.1.0.0/16

Tech VLAN - 10.2.0.0/16

Admin VLAN - 10.3.0.0/16 etc. etc. etc..

 

As a test, I created the VLAN 2, assigned it the ip address of 10.2.0.1/16, made sure it was set to 'no shut'. IP routing is enabled and the catch all gateway has been set.

I have a device that has been assigned to VLAN2, however I can only ping it's default gateway (10.2.0.1). I'm also unable to ping anything in VLAN 2 from VLAN 1.

I'm not sure I'm making a really stupid addressing mistake or a configuration error. Any insight would be greatly appreciated.

 

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
New Member

I assume the ASA is on the

I assume the ASA is on the VLAN1 subnet? 

If not, add the following command on the ASA:

route inside <VLAN2-SUBNET> 255.255.255.0 <VLAN1-SwitchIP> 1

Example: route inside 10.30.1.0 255.255.255.0 10.30.200.1 1

 

 

6 REPLIES
New Member

If you do a "show ip int

If you do a "show ip int brief" are both VLANs showing up / up? Do you have a device plugged into VLAN1 as well or just into VLAN2? If you do a "show vlan brief" is each VLAN assigned to at least 1 port? 

New Member

Hi Adam,I managed to get

Hi Adam,

I managed to get interVLAN communication working, I neglected to change the default gateway on my VLAN1 devices. However I'm still unable to access the internet with my VLAN2 devices. The next hop would be my 5510 ASA. Would I need to create static routes for each of my VLANs?

Hi, I hope you have a default

Hi,

 

I hope you have a default route in your switch towards the Firewall for the internet access.

Then, you need to create reverse static route in the Firewall to all the VLANs.

Example:

ip route <Tech VLAN> < Subnet Mask> < VLAN 1 SVI>

ip route < Test VLAN > <SNM > < VLAN 1 SVI >

I assume VLAN 1 is the Management ip address where the Firewall inside leg is configured.

 

Please rate me if it resolved your problem.

 

Regards,

Gan

New Member

I assume the ASA is on the

I assume the ASA is on the VLAN1 subnet? 

If not, add the following command on the ASA:

route inside <VLAN2-SUBNET> 255.255.255.0 <VLAN1-SwitchIP> 1

Example: route inside 10.30.1.0 255.255.255.0 10.30.200.1 1

 

 

New Member

That was it!So I assume i

That was it!

So I assume i just need to create a static route for each of my VLAN subnets just like that?

 

I really appreciate it, Adam!

 

New Member

You got it. All of them,

You got it. All of them, except VLAN1. 

No problem at all. 

98
Views
0
Helpful
6
Replies
CreatePlease login to create content